[openssl-users] How to get a bye or word from BIGNUM in OpenSSL 1.1?

Jakob Bohm jb-openssl at wisemo.com
Wed Aug 2 08:07:56 UTC 2017

On 02/08/2017 09:47, Jeffrey Walton wrote:
> On Wed, Aug 2, 2017 at 12:38 AM, Jakob Bohm <jb-openssl at wisemo.com> wrote:
>> On 02/08/2017 04:21, Jeffrey Walton wrote:
>>> I'm trying to extract the low-order byte or word from a BIGNUM in
>>> OpenSSL 1.1. We were told to use BN_bn2binpad, but its not clear to me
>>> how to specify the location we want to extract.
>>> For example:
>>>       const char v[] = "ffeeddccbbaa99887766554433221100";
>>>       BIGNUM n = BN_new();
>>>       if (BN_hex2bn(&n, v))
>>>       {
>>>           fprintf(stderr, "failed to parse BIGNUM\n");
>>>           exit (1);
>>>       }
>>> I don't see how to get the low-order word 33221100, or the second to
>>> last byte 11.
>>> Here' the documentation but I don't see how to do it:
>>> https://www.openssl.org/docs/man1.1.0/crypto/BN_bn2binpad.html. Other
>>> libraries, like Java, Botan and Crypto++ allow us to specify a potion
>>> to extract from in cases like these.
>>> How do we extract bytes or words from a BIGNUM?
>>> Thanks in advance.
>> BN_bn2binpad (and it's friends) always give you *all* the bytes
>> in the number in a buffer of you own.  You can then extract the
>> bytes from there.
>> If you care mostly about the least significant bytes, using
>> BN_bn2lebinpad may be easier than BN_bn2binpad, as the least
>> significant bytes will be first, not last, in the result.
> Thanks.
> It would be nice if the OpenSSL devs ate their own dogfood and
> suffered that inefficient crap. I would wager that crap would change.
> Jeff
Reading single bytes out of a bignum is a very rare operation
(except as part of some mathematical operation that should be
part of the bignum library).

Converting an entire bignum to/from a simple "large" int-like
variable for inclusion in various protocols and data formats is
a common operation which these functions provide.

Are you sure you are not trying to do something already provided
more directly via your "read a byte" operation?


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list